email-and-password-best-practices
Email verification, password reset flows, and customizable password policies for Better Auth.
- Supports email verification with optional enforcement to block sign-in until verified, plus configurable token expiration and single-use reset tokens
- Password reset flows with built-in security: background email sending, timing attack prevention, dummy operations on invalid requests, and optional session revocation on reset
- Configurable password length limits (default 8–256 characters) and custom hashing algorithms via pluggable hash and verify functions
- Requires absolute callback URLs and sendVerificationEmail/sendResetPassword functions to integrate with your email provider
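An added example (not Better Auth's own code and not part of this skill): a hash and verify pair of the kind the pluggable hashing option calls for, built on Node's scrypt. The function names, the argument shape of verifyPassword, the scrypt cost parameters and the stored-hash format are assumptions; the 8–256 length bounds are the defaults quoted above.

```javascript
// Added example: scrypt-based hash/verify pair. Names, cost parameters and the
// stored-hash format are assumptions, not Better Auth internals.
const { randomBytes, scryptSync, timingSafeEqual } = require("node:crypto");

const MIN_LEN = 8;                        // default minimum quoted on this page
const MAX_LEN = 256;                      // default maximum; also caps hashing cost per request
const PARAMS = { N: 16384, r: 8, p: 1 };  // assumed scrypt cost; tune for your hardware
const KEY_LEN = 32;

// scryptSync blocks the event loop; a server would normally use the async
// crypto.scrypt. The sync form keeps this example short.
function hashPassword(password) {
  if (typeof password !== "string" || password.length < MIN_LEN || password.length > MAX_LEN) {
    throw new RangeError("password length out of range");
  }
  const salt = randomBytes(16);           // fresh salt per password
  const key = scryptSync(password.normalize("NFKC"), salt, KEY_LEN, PARAMS);
  // Store the parameters with the hash so the cost can be raised later
  // without invalidating existing records.
  return ["scrypt", PARAMS.N, PARAMS.r, PARAMS.p,
    salt.toString("base64"), key.toString("base64")].join("$");
}

function verifyPassword({ hash, password }) {
  const [scheme, N, r, p, saltB64, keyB64] = String(hash).split("$");
  if (scheme !== "scrypt" || typeof password !== "string" || password.length > MAX_LEN) {
    return false;
  }
  try {
    const expected = Buffer.from(keyB64, "base64");
    // Reject truncated or empty stored keys: comparing two empty buffers would pass.
    if (expected.length !== KEY_LEN) return false;
    const actual = scryptSync(password.normalize("NFKC"), Buffer.from(saltB64, "base64"),
      KEY_LEN, { N: Number(N), r: Number(r), p: Number(p) });
    return timingSafeEqual(actual, expected);  // constant-time comparison
  } catch {
    return false;                         // malformed record or invalid parameters
  }
}
```
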
Quick Start
- Enable email/password: emailAndPassword: { enabled: true }
- Configure emailVerification.sendVerificationEmail
- Add sendResetPassword for password reset flows
- Run npx @better-auth/cli@latest migrate
- Verify: attempt sign-up and confirm verification email triggers
Email Verification Setup
Configure emailVerification.sendVerificationEmail to verify user email addresses.
import { betterAuth } from "better-auth";
import { sendEmail } from "./email"; // your email sending function
export const auth = betterAuth({